2

当我们尝试打开一个连接时,每 3 个连接(大约)一次 boto 崩溃。

我在它离开python之前打印了所有参数,并且在每个连接上参数都是相同的。

这是堆栈跟踪:

boto/sqs/connection.pyc in get_queue(self, queue_name)
    292         :returns: The requested queue, or ``None`` if no match was found.
    293         """
--> 294         rs = self.get_all_queues(queue_name)
    295         for q in rs:
    296             if q.url.endswith(queue_name):

boto/sqs/connection.pyc in get_all_queues(self, prefix)
    281         if prefix:
    282             params['QueueNamePrefix'] = prefix
--> 283         return self.get_list('ListQueues', params, [('QueueUrl', Queue)])
    284 
    285     def get_queue(self, queue_name):

boto/connection.pyc in get_list(self, action, params, markers, path, parent, verb)
    880         if not parent:
    881             parent = self
--> 882         response = self.make_request(action, params, path, verb)
    883         body = response.read()
    884         boto.log.debug(body)

boto/connection.pyc in make_request(self, action, params, path, verb)
    866         if self.APIVersion:
    867             http_request.params['Version'] = self.APIVersion
--> 868         return self._mexe(http_request)
    869 
    870     def build_list_params(self, params, items, label):

boto/connection.pyc in _mexe(self, request, sender, override_num_retries, retry_handler)
    792             raise BotoServerError(response.status, response.reason, body)
    793         elif e:
--> 794             raise e
    795         else:
    796             msg = 'Please report this exception as a Boto Issue!'

SSLError: _ssl.c:316: Invalid SSL protocol variant specified.

这是相关的C代码:

PySSL_BEGIN_ALLOW_THREADS
if (proto_version == PY_SSL_VERSION_TLS1)
    self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
else if (proto_version == PY_SSL_VERSION_SSL3)
    self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
else if (proto_version == PY_SSL_VERSION_SSL2)
    self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
else if (proto_version == PY_SSL_VERSION_SSL23)
    self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
PySSL_END_ALLOW_THREADS

if (self->ctx == NULL) {
    errstr = ERRSTR("Invalid SSL protocol variant specified.");
    goto fail;
}

我们proto_version总是打印它PY_SSL_VERSION_SSL23,我认为SSL_CTX_new由于某种原因失败了。

有什么想法可能是错的吗?

4

2 回答 2

0

原来这是由于我们加载的一个证书在某种程度上可能很糟糕,奇怪的是为什么它不会每次都崩溃。

无论如何,删除证书解决了这个问题。

于 2013-02-27T22:27:41.133 回答
0

certifi 最新版本存在一些问题,因此降级 certifi 将解决问题

pip uninstall -y certifi && pip install certifi==2015.04.28

                            or 

pip install requests[security]
于 2017-07-29T12:41:52.333 回答